Singapore Cloud Security Summit 2025
Join us at the Cloud Security Summit to strengthen your cloud defenses and tackle emerging threats. Explore Zero Trust, secure multi-cloud deployments, and AI-driven security with industry experts through hands-on sessions and real-world case studies.

Join us at the Cloud Security Summit to explore the latest in cloud security and stay ahead of emerging threats.
In August, we're bringing together cloud security professionals, IT leaders, and industry experts to strengthen your cloud security posture and safeguard your organisation.
Dive deep into Zero Trust models, secure multi-cloud deployments, ensure your Infrastructure-as-Code is compliant, and discover how AI is revolutionising cloud security. Participate in interactive sessions, real-world case studies, panel discussions, and debates to stay ahead of the game.
Key Themes:
- Tackling Emerging Cloud Security
- Implementing Zero Trust in Cloud Environments
- Securing Multi-Cloud Deployments
- Ensuring Infrastructure-as-Code Compliance
- Leveraging AI in Cloud Security
- Protecting Cloud Data
- Building Robust Cloud Security Architectures
Who Should Attend?
Cloud security professionals, IT leaders, cybersecurity experts, DevOps engineers, and anyone keen to enhance their understanding of cloud security and network with industry peers.
Don't miss this chance for a day of learning, innovation, and collaboration at the Cloud Security Summit.
Program Highlights
Speakers
Sessions
Cloud Security Leaders
Track
Our Speakers
Agenda
Beyond Compliance: Building Cyber Resilience in Cloud-First Financial Services
- Moving from reactive controls to proactive cloud security strategies
- Using automation to drive actionable, real-time cyber defense
- Positioning security as a business enabler, not a blocker
- Creating a flexible cyber playbook that scales with regulation and growth
Enterprise applications are deployed across a wide range of cloud environments, each with their own security controls of various capabilities. In the meantime, the threat landscape for web applications has become increasingly sophisticated, and has seen common threats like Bot, DDoS, and Application attacks persist and grow in complexity.
- The evolving nature of Bot, DDoS, and Layer 7 application attacks — and why they continue to succeed
- Architecting a consistent security inspection and enforcement layer at the edge, independent of origin infrastructure
- Leveraging DevOps tools like Terraform and GitHub to automate the deployment of security controls as part of the CI/CD pipeline
Cloud security in Singapore is entering a new era—defined by tighter regulations, growing threat complexity, and rising dependence on hyperscale infrastructure. In this session, we’ll unpack:
- Implications of the Digital Infrastructure Act and updated MAS outsourcing guidelines on cloud operations and vendor oversight.
- How organisations can future-proof encryption and data protection against emerging quantum computing threats.
- Addressing the security and governance challenges of deploying AI-driven systems in regulated cloud environments.
- Understanding the push for data localisation, sovereignty, and its impact on multicloud and infrastructure decisions.
In this innovative session, attendees will be faced with a series of scenarios that they may face in their roles. Attendees will discuss the possible courses of action with their peers to consider the ramifications of each option before logging their own course of action.
Results will be tallied and analysed by our session facilitator and results will impact the way the group moves through the activity.
Will we collectively choose the right course of action?
Cloud-first organisations across Asia are experiencing a rise in Business Email Compromise (BEC), vendor fraud, and social engineering attacks that evade traditional email security. In this session, we’ll demo how modern cloud security teams can detect and stop these advanced threats—without rule maintenance, user disruption, or signal fatigue.
- Why BEC Keeps Winning in Cloud-First Environments
Explore how attackers exploit trust, app integrations, and identity gaps to bypass standard controls. - Replacing Rules with Risk-Based Detection
See how behavioural AI learns normal user and vendor behaviour to detect anomalies without tuning. - Real-World Attack Paths and Response
Walk through recent examples of vendor fraud and internal impersonation stopped by Abnormal’s platform. - Scalable Defence for Lean Teams
Learn how cloud-native teams reduce risk with automated investigation and low-touch workflows.
As OT and IT systems converge, critical infrastructure faces mounting risks. This session shares how one team secured distributed, global environments while balancing resilience, agility, and compliance.
- Mapped risk across complex OT/IT environments to identify critical dependencies and exposure
- Scaled least privilege and segmentation to limit lateral movement and reduce blast radius
- Built governance frameworks that aligned global policy with local regulatory demands
- Applied real-world incident response lessons to strengthen controls and reduce response time
Modern development teams rely heavily on open source, but managing risk across a sprawling, fast-moving software supply chain has become increasingly complex. This session unpacks how one organisation implemented effective controls and visibility into open source usage—without sacrificing developer velocity.
- Identifying hidden vulnerabilities and license risks early in the development cycle across thousands of OSS components
- Building automated guardrails that enforce policy without disrupting workflows
- Creating transparency across development, security, and legal teams to align on risk tolerance
- Lessons learned scaling secure development practices across multiple teams and regions
Singapore’s proposed Digital Infrastructure Act aims to regulate cloud and data centre operators as critical infrastructure. This session explores what organisations need to know now to prepare for heightened expectations around resilience, incident response, and security controls—before the law comes into force.
- What key requirements are expected under the new Digital Infrastructure Act?
- How will the Act shift risk, accountability, and oversight expectations?
- What should CSPs and customers do today to prepare?
- How will this regulation affect procurement and cloud strategy in 2025?
Roundtable Discussions:
Choose 1 topic to join on the day!
- Should We Sack the SEG? Moving into AI-Powered Email Security in 2025.
- Enhanced Strategies for Monitoring and Remediation of Cloud Misconfigurations
- Building Trust in Open Source: Managing Risk Without Slowing Development
- Securing Hybrid-Cloud Deployment Models
- Securing the Software Supply Chain End-to-End
- Cloud Incident Response: Lessons Learned from Real Breaches
- AI and Automation for Proactive Cloud Defense
- Misconfigurations at Scale: Preventing the Preventable
As cloud adoption accelerates, Singapore must redefine accountability across regulators, providers, and customers. Who owns the risk—and who answers when things go wrong?
- Is shared responsibility outdated in 2025’s cloud ecosystem?
- What must every cloud SLA include moving forward?
- Who’s liable when outages or breaches impact customers?
- How can customers gain control without owning infrastructure?
Who Attends?
Chief Information Security Officer
Chief Information Officer
Heads of Cloud Security
Head of Infrastructure
Head of Cloud
Head of Cloud Platform
Head of DevSecOps and AppSec
Head of Cybersecurity Architecture
IT Risk Director
Cybersecurity GRC Director
SRE Director
Network Engineering Director
Network Manager
Cybersecurity Engineering Director
Cybersecurity Operations Manager
Benefits For Attendees




Event Location
Concorde Hotel Singapore

FAQs
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique.
Get In Touch
Contact our event team for any enquiry

Danny Perry
For sponsorship opportunities.

Lili Munar
For guest and attendee enquiries.

Ben Turner
For speaking opportunities & content enquiries.

Taylor Stanyon
For event-related enquiries.